Cloud security and security architecture

Security architecture and Cloudcomputing, are these mutually exclusive? (Introduction to Cloud Security Guidance)

Agenda Cloud risk assessment x compared to traditional risk assessments Cloud security architectures x compared to security architectures CSA domains Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud risk assessment Identify Context assets establishmentMap the data Evaluate flows assets Risk Risk communication assessment Evaluate Map to Cloud Cloud deployments models and Risk treatment models Providers Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud modelBroad network Rapid elasticity Measured On-demand access service service Resource poolingSoftware as a Platform as a InfrastructureService (SaaS) Service (SaaS) as a Service (SaaS)Publi Private Hybrid Community c Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud computing deployment models Infrastructure Infrastructure Infrastructure Accessible and managed by owned by located consumed by Third party Third partyPublic Off-premise Untrusted provider provider Organisation Organisation On-premisePrivate/ o TrustedCommunity r 3rd party 3rdparty Off-Premise provider provider Both Organisation Both Organisation Both On-Premise Trusted &Hybrid & Third party & Third party & Off-Premise Untrusted provider provider Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud model maps to Security model Cloud model GRC Business continuity SIEM Data security Identity, Access Direct map Cryptography Application sec. Host security Network security Physical security Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Responsibilities for areas in securitymodel compared to delivery models Provider responsible Customer responsible GRC Business continuity SIEM Identity, Access Cryptography Data security Application sec. Host security Network security Physical securityIaaS PaaS SaaS IaaS PaaS SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud Security Domains Governance Operational Governance and Enterprise Risk  Traditional Security, Business Management Continuity and Disaster Recovery Legal Issues: Contracts and Electronic  Data Center Operations Discovery  Incident Response, Notification and Compliance and Audit Remediation Information Management and Data  Application Security Security  Encryption and Key Management Portability and Interoperability  Identity and Access Management  Virtualization  Security as a Service Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud Security Alliance supports numberof projects related to cloud Get involved at https://cloudsecurityalliance.org/resea rch/https://cloudsecurityalliance.org.uk Copyright © 2012 Cloud Security Alliance

How to manage cloud security• Have a cloud security standard • What to do on an Enterprise level • Before your Cloud project • During your Cloud project How to drive out the • BAU seven deadly sins of cloud computing - new Information Security • Exit from the Cloud provider Forum report• Risks cannot be outsourced• Manage lock-in and exit up-front – especially in SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

ContactHelp us secure cloud computing – Get involved• http://cloudsecurityalliance.org.uk• info@cloudsecurityalliance.org.uk• LinkedIn: http://www.linkedin.com/groups/Cloud- Security-Alliance-UK-Chapter-3745837• Twitter: @CSAUKResearch Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Thank you! www.cloudsecurityalliance.org

Cloud security and security architecture

by Vladimir Jirasek on Dec 11, 2012

Accessibility

Categories

Upload Details

Usage Rights

1 Embed 2

Statistics

Cloud security and security architecture Presentation Transcript